In recent years, it has become common to connect various multiple image processing apparatuses (mainly, image forming apparatuses) to a network, such as a LAN, and share the image processing apparatuses among a number of users. For example, it has become popular to transmit and print data, such as a document, generated by a personal computer (PC) to and by a designated printer, multifunction peripheral, or the like via a network.
In this case, to ensure the security and to limit functions available to users, it is necessary to provide an authentication function to each of the image processing apparatuses.
To perform an authentication, it is also necessary to generate and store in advance a database of authentication information (in general, user accounts with user names and passwords) on users who are able to use the image processing apparatuses, for each of the image processing apparatuses. Further, it is necessary to enable editing, such as addition, deletion, or change, of the authentication information.
Therefore, if the database of the authentication information on each of the users and a corresponding editing function are to be provided to an individual image processing apparatus connected to the network, costs increase. Further, it is difficult to centrally manage the authentication information on all of the users in the network, so that management of the authentication information becomes cumbersome.
Therefore, it has been proposed to install an authentication server as a dedicated server in the network, store data of the authentication information necessary for authentication of all of the users in the authentication server, and allow the authentication server to independently perform editing. For example, Japanese Patent Application Laid-open No. 2012-216130 discloses a network system and an authentication system, in which an authentication server and image processing apparatuses as described above are connected via a network.
In such an authentication system, when an image processing apparatus receives a use request through input of user identification information (a login ID and a password) from a user, it transmits the user identification information and an authentication request to the authentication server to request authentication. Accordingly, the authentication server performs an authentication on the user identification information by using the database of the authentication information stored in the authentication server, and transmits an authentication result to the image processing apparatus. The image processing apparatus receives the authentication result, and determines whether to permit the user request form the user.
Therefore, if the authentication server is temporarily unable to perform authentication due to a trouble or the like in the network and the image processing apparatus is unable to receive a result of authentication performed by the authentication server, it becomes impossible to perform authentication and to use the image processing apparatus.
In the authentication system disclosed in Japanese Patent Application Laid-open No. 2012-216130, to cope with this problem, the image processing apparatus stores therein, as an authentication history, pieces of data of authentication results received from the authentication server in chronological order.
Further, if the image processing apparatus does not receive a normal authentication result from the authentication server even when transmitting user identification information and an authentication request to the authentication server to request authentication, the image processing apparatus itself is allowed to perform proxy authentication by using the authentication history stored in chronological order.
However, in the authentication system based on authentication using the dedicated authentication server as described above, costs to install and operate the authentication server become a problem.
Further, as disclosed in Japanese Patent Application Laid-open No. 2012-216130, if the authentication server is temporarily unable to perform authentication due to a trouble of the like in the network, the image processing apparatus itself is allowed to perform proxy authentication. However, as for a user who sends a use request to the image processing apparatus for the first time, an authentication history of user identification information on this user has not been stored, so that it is difficult to perform proxy authentication.